Microsoft Defender for Office 365

In 2022, Purdue University began piloting the Microsoft Defender for Office 365 (MDO) email security service. This page explains what MDO is and how it may affect you going forward.

What is Microsoft Defender for Office 365 (MDO)?  

Microsoft Defender for Office 365 is an email security service that protects Purdue University accounts from malicious phishing campaigns, marketing spam, malware, and more. Using Microsoft’s machine learning and Artificial Intelligence (AI), MDO will provide greater email security and protect you from the latest email threats. For more details, please see the video below:

 

How to get started with MDO: 

Unlike the Cisco Spam Filter, MDO allows each user to directly modify and fine tune their own email experience.

Malicious emails

Any email believed to be "malicious" - meaning email believed to be phishing or another threat - is placed in a security quarantine. You will be emailed a daily quarantine report notifying you of messages delivered to your quarantine. You should check these reports regularly to ensure that legitimate emails were not marked malicious. See the "How to Release Legitimate Email from Quarantine" section below for more details.

Spam emails 

Spam emails - meaning unsolicited advertisements, newsletters, or other messages sent in bulk - will be sent to your Junk folder within Office 365. If you receive spam email in your inbox, you can block these emails in the future by adding that sender or domain to your Blocked Senders list. See the "How do I whitelist/blacklist emails within MDO?" FAQ for more details.

Graymail emails

Missing emails

If you have not received an expected email, check both your junk folder and the quarantine report to see if the email was identified incorrectly. See "How to fine tune Safe/Block Senders list" FAQ for more details.

How to Release Legitimate Email from Quarantine

To release falsely held emails from quarantine, open a web browser and navigate to https://security.microsoft.com/quarantine, or click the "Review" button in the daily quarantine report that you receive in your inbox. Once there, sign in to MDO using your Purdue career account and password (doing so will result in a prompt for Microsoft's Multi-Factor Authentication). Once signed in, select the messages that you wish to release and click the "release" option. Note: It may take up to 5 minutes for the released email to appear in your inbox after performing this action.

If you need additional instructions, they can be found in the video below:

Frequently asked questions

How to fine tune Safe/Block Senders list

Exchange Online's Safe/Block Senders list allows each user to directly modify and fine tune their own email experience as seen below.

How to modify email experience.

| Condition | Recommendation | Detail |
| --- | --- | --- |
| Approved senders/domains being sent to junk | Add sender/domain to safe senders | Adding the sender/domain to safe senders ensures proper delivery to the inbox |
| Spam being sent to inbox | Add sender/domain to block senders | Adding sender/domain to block senders ensures delivery of spam to junk |
| Email incorrectly sent to quarantine | Click “Report to Microsoft” button | Clicking “Report to Microsoft” allows MDO to adjust its machine learning engine for your mailbox. This may take several iterations of email delivery to fine tune. |

How do I whitelist/blacklist emails within MDO?

MDO retains both a whitelist and blacklist in the form of Exchange Online's Safe/Block Senders lists. Emails or domains entered into the Safe Senders list are able to bypass certain scanning mechanisms such as anti-spam and anti-spoofing engines. NOTE: Any emails convicted due to potential malware or phishing do NOT honor the Safe Senders list.

Emails or domains entered into the Block Senders list will be immediately sent to the Junk folder.

Is there a limit to Safe/Block Senders?

Why do I have to "Request Release" an email?

Email classified as malicious with high confidence will require administrative approval prior to releasing the email. You will need to click the “Request Release” button to notify our Security Operations Center to review your request and approve it if the detection is considered a false positive. If you have specific questions about your release request, please email security@purdue.edu.

What happened to the previous Cisco Quarantine system?

MDO is replacing the previous Cisco Quarantine system. Cisco IronPort will no longer be implemented for users with MDO.

What happens when I use the Report Message button?

When you report a message in your inbox as junk/phishing, it will add that specific email address to your personal blocked list.

NOTE: If you desire to block all messages from a specific domain, you can do that in the Settings menu.

If you report a message as not junk from the Junk Email folder, MDO will make sure you receive emails from this specific email address more often.

What are email headers?

An email header provides a list of technical details about the message, such as who sent it, the software used to compose it, and the email servers that it passed through on its way to the recipient. For more details on how to retrieve your email headers, please see the documentation below: https://support.microsoft.com/en-us/office/view-Internet-message-headers-in-outlook-cd039382-dc6e-4264-ac74-c048563d212c

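
The following sketch is an added example, not part of the original page or of any Microsoft tooling. It reads the header fields described above from a constructed sample message; the function names, the sample hosts and addresses, and the use of the Authentication-Results field are assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample message: every host, address and IP is a placeholder.
SAMPLE = """\
Received: from mx.example.edu (mx.example.edu [198.51.100.7])
 by mailbox.example.edu with ESMTPS id abc123;
 Tue, 04 Oct 2022 09:15:04 -0400
Received: from smtp.example.net (smtp.example.net [192.0.2.25])
 by mx.example.edu with ESMTPS id def456;
 Tue, 04 Oct 2022 09:15:02 -0400
Authentication-Results: mx.example.edu; spf=pass smtp.mailfrom=example.net;
 dkim=pass header.d=example.net; dmarc=pass header.from=example.net
From: "Newsletter" <news@example.net>
To: student@example.edu
X-Mailer: ExampleMailer 4.2

Hello.
"""

def _field(pattern, text):
    match = re.search(pattern, text)
    return match.group(1) if match else None

def summarize_headers(raw):
    """Pull out who sent a message, what composed it, and its server path."""
    msg = message_from_string(raw)
    hops = []
    for value in msg.get_all("Received", []):
        flat = " ".join(value.split())  # undo header line folding
        hops.append((_field(r"\bfrom\s+(\S+)", flat), _field(r"\bby\s+(\S+)", flat)))
    hops.reverse()  # servers prepend Received lines, so the oldest hop is last
    auth = " ".join(msg.get_all("Authentication-Results", []))
    return {
        "sender": parseaddr(msg.get("From", ""))[1],
        # Composing software is optional and self-reported by the sender.
        "software": msg.get("X-Mailer") or msg.get("User-Agent"),
        # Only hops recorded by your own mail system are trustworthy;
        # earlier Received lines are supplied by the sending side.
        "hops": hops,
        "auth": dict(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", auth)),
    }

if __name__ == "__main__":
    for key, value in summarize_headers(SAMPLE).items():
        print(f"{key}: {value}")
```
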
What do the different reporting options in the Report Message button do?

Junk / Phishing – choosing these options will move the message from your Inbox to your Junk Email folder; a copy of the message may be sent to Microsoft to help update spam/phishing filters.

Not Junk – choosing this option when a message has incorrectly been sent to the Junk Email folder will move the message back to your Inbox and update Microsoft to make sure you receive messages from this address in the future.

Options – allows you to choose whether messages are automatically sent to Microsoft when they’re reported as junk or as a phishing attempt.

What are Safe Links?

Safe Links is a feature in Defender for Office 365 that provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations. Safe Links scanning occurs in addition to the regular anti-spam and anti-malware protection for inbound email messages in Exchange Online Protection (EOP). Safe Links scanning can help protect your organization from malicious links that are used in phishing and other attacks.
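
The following sketch is an added example, not part of the original page or of any Microsoft tooling. It shows how to see where a rewritten link really leads. It assumes the wrapper form, which this page does not describe: an https link on a host ending in .safelinks.protection.outlook.com that carries the original address in its url query parameter. The function names and sample links are constructed for illustration.

```python
from typing import Optional
from urllib.parse import parse_qs, urlsplit

# Host suffix of rewritten links (assumption: not stated on this page).
WRAPPER_SUFFIX = ".safelinks.protection.outlook.com"

def unwrap_safe_link(link: str) -> Optional[str]:
    """Return the original destination of a Safe Links rewritten URL.

    Returns None when the link is not a genuine wrapper, so a host that
    merely contains the Safe Links name is never treated as one.
    """
    parts = urlsplit(link)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https" or not host.endswith(WRAPPER_SUFFIX):
        return None
    # parse_qs percent-decodes the value; exactly one url= is expected.
    targets = parse_qs(parts.query).get("url", [])
    if len(targets) != 1:
        return None
    target = targets[0]
    if urlsplit(target).scheme not in ("http", "https"):
        return None
    return target

def display_destination(link: str) -> str:
    """Host a reader should judge the link by: the wrapped target's, if any."""
    original = unwrap_safe_link(link)
    return urlsplit(original or link).hostname or ""

# Constructed sample links; hosts and token values are placeholders.
WRAPPED = (
    "https://nam02.safelinks.protection.outlook.com/"
    "?url=https%3A%2F%2Fwww.example.edu%2Fregistrar%3Fterm%3Dfall"
    "&data=constructed&sdata=constructed&reserved=0"
)
LOOKALIKE = (
    "https://safelinks.protection.outlook.com.example.net/"
    "?url=https%3A%2F%2Fwww.example.edu%2F"
)

if __name__ == "__main__":
    for link in (WRAPPED, LOOKALIKE, "https://www.example.edu/"):
        print(display_destination(link), "<-", link[:60])
```

The lookalike sample ends in example.net rather than the wrapper suffix, so it is reported under its own host instead of the destination it claims to wrap.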